Edge computing applications for equipment designers Page 8
Tips on your network installation Page 30
Securing the IIoT Page 40
APRIL 2021
Cover FINAL — Internet of Things HB 04-21.indd 1
4/7/21 11:13 AM
210204_FIHA_EEW_US.indd 1
2/4/21 11:05 AM
We make IoT real Smart homes feature a growing range of intelligent functions such as automation, energy management, home security and safety and intelligent lighting. Advanced IoT solutions from Infineon play a key role in making homes smart, secure and power-efficient. Advanced sensing capabilities
› REAL3™ 3D image sensor for gesture control › 24 GHz & 60 GHz radar motion sensors Cross-application control
› XMC™ microcontrollers for control, communication and sensor management
Smart power management
› Power management ICs for reduced power consumption and increased performance
Trusted security protection
› OPTIGA™ Trust family for secure communication
www.infineon.io
IIoT devices run longer on Tadiran batteries.
PROVEN
40 YEAR OPERATING
LIFE
Remote wireless devices connected to the Industrial Internet of Things (IIoT) run on Tadiran bobbin-type LiSOCl2 batteries. Our batteries offer a winning combination: a patented hybrid layer capacitor (HLC) that delivers the high pulses required for two-way wireless communications; the widest temperature range of all; and the lowest self-discharge rate (0.7% per year), enabling our cells to last up to 4 times longer than the competition.
ANNUAL SELF-DISCHARGE TADIRAN
COMPETITORS
0.7%
Up to 3%
Looking to have your remote wireless device complete a 40-year marathon? Then team up with Tadiran batteries that last a lifetime.
* Tadiran LiSOCL2 batteries feature the lowest annual self-discharge rate of any competitive battery, less than 1% per year, enabling these batteries to operate over 40 years depending on device operating usage. However, this is not an expressed or implied warranty, as each application differs in terms of annual energy consumption and/or operating environment.
Tadiran Batteries 2001 Marcus Ave. Suite 125E Lake Success, NY 11042 1-800-537-1368 516-621-4980 www.tadiranbat.com
*
CONTENTS INTERNET OF TH INGS HANDBOOK • APRIL 2021
02 06
08
Worst suspicions confirmed: The terrible 30 security of internet routers Wi-Fi and LoRaWAN for the IoT
The combination of high-date-rate WiFi with low-data-rate, transmit-once-in-a-while LoRaWAN can make numerous IoT applications practical.
Edge computing applications for equipment designers
Industrial edge devices begin to show their value
11
One Fine Mesh: Wi-SUN in the smart city evolution
The Wi-SUN standard is a candidate for infrastructure networks that demand high bandwidth, low latency, and power efficiency.
14
Antennas for smart IoT applications
IoT antennas increasingly must handle frequencies well beyond the ISM band and into the cellular and 5G spectrum.
16
E-ink and the IoT
E-ink has the potential for delivering wireless color screens on IoT devices that consume little power.
20
Consolidating workloads at the rugged edge: Enabling inference computing anywhere
Severe settings are tapping into real-time processing, advancing a new level of machine learning and AI.
24
Fundamentals of fast chargers for phones and notebook PCs
Overlapping protocols and competing standards have created a confusing landscape for USB chargers. Here are the important differences and similarities of most
Tips on planning your network installation
As network structures evolve, it’s important to have a plan that guides the appropriate use of resources and strategies when you design, implement, operate, and maintain networking structures for your organization.
34
Assessing the benefits of real-world IIoT installations
40
Securing the IIoT
42
Minimizing cyber threats via testing and evaluation
IIoT technology can often benefit industrial processes without a large capital investment.
Few connected products have gone through independent testing and evaluations that could head off security problems during their use.
46
Sensor-based automation for smart buildings
Cloud-based intelligence can help serve as a nervous system for controllers handling multiple building domains.
48
From the lab to the real-world: DPA attacks in the wild
State-of-the-art countermeasures help make IoT products bullet-proof to ever-improving power analysis attacks.
50
How manufacturers can protect IoT products from cyberattacks
Cybersecurity has long been a critical focus for large enterprises. Now IoT device design engineers must take a page from the enterprise security playbook.
interest to designers.
eeworldonline.com | designworldonline.com
4 • 2021
DESIGN WORLD — EE NETWORK
5
If You Want to Build the World’s Most Advanced and Powerful IoT Devices Start with the world’s most advanced and powerful cellular IoT connectivity solution.
NEKTAR Evaluation Kit To prototype and evaluate your IoT solution, Sequans offers the Monarch 2 GM02S NEKTAR Evaluation Kit.
Monarch 2 GM02S Includes all features necessary to deploy IoT on a massive scale: Industry-leading lowest level power consumption
23 dBm transmit power
Low voltage operation down to 2.2 volts allowing use of low-cost batteries Fully forward compatible with Monarch 1 Programmable RF filtering for global band support in a Single-SKU IoT-Findit™ location engine supports indoor and outdoor locating without GNSS
GSMA-compliant EAL5+ secure enclave for integrated SIM and crypto applications
• • • •
Pre-paid SIM with global connectivity included Integrated on-board antenna 617-900 Mhz / 1695-2200 Mhz Easy power measurement with external power supply NEKTAR-CONNEKT interface for daughter board
Embedded voice processing acceleration for optimized VoLTE Application CPU supports customer application software and ultra-low power sensor hub Small footprint module 16.3 X 17 X 1.85 mm
To build ultra-reliable, secure, powerful and cost-effective IoT devices, contact the leader in cellular IoT. Contact us today at sales@sequans.com, or visit us online at sequans.com/monarch-2-gm02s-module.
∎ ∎ ∎ ∎ ∎ ∎ ∎ ∎
n n n n
n
Access millions of electronics products from 600+ world class suppliers Global resources with operations in 35 different countries Personalized customer service and technical support from a team of industry experts Value added services such as: stockroom solutions, custom components and enclosures, kitting, and more Market-leading online community with over 600,000 engineers Call us for a quote on large or small orders, or email quote@newark.com
SHOP THE WAY YOU PREFER
EPROCUREMENT SYSTEMS
Website: newark.com
We can link with any eProcurement system, and our dedicated e-team will facilitate your implementation.
Email: order@newark.com / quote@newark.com Phone: 1 800 463 9275 M-F 7:00 a.m. – 8:00 p.m. (EST) Fax: 1 480 308 1687 Technical Support: Go online for live technical support or call 1 877 736 4835 Community: element14.com
Email: eproc@newark.com NO MINIMUM ORDER FEES
SHIPPING Domestic: Order M-F by 9:30 p.m. (EST) Export: Order M-F by 6:00 p.m. (EST)
YOU CAN FIND US AT…
In-stock products normally ship the same day
GLOBAL REACH, LOCAL RESOURCES n n n
Millions of products, 800,000 in stock Supporting 48 websites in 35 languages Authorized distributor for 3000+ brands globally
At STMicroelectronics we create technology that starts with You
At ST, we are creators and makers of semiconductor technologies. We work with our customers and partners to design and build products, solutions, and ecosystems that address their challenges and opportunities, and the need to support a more sustainable world. We are drivers of your innovation. We build products, solutions and ecosystems that enable smarter mobility, more efficient power and energy management, and the widescale deployment of the Internet of Things and 5G technology.
For more information, please visit www.st.com
AD_WTWH_general_0321.indd 1
3/25/2021 10:46:53 AM
R E B
ST
IN
G CHAM
mmWAV
EM
EMENT R U S A E
TE
C
M
Y
CM
MY
CY
CMY
The millimeter measurement system is a flexible turn-key solution, ideal for all testing needs for mmWave system development and validation, including 5G communications devices, mobile communications devices, and research and development.
K
Technology: Far-field / Spherical with Oversampling Frequency Range: 18GHz – 110GHz Maximum Size of DUT: 45cm Maximum Mass of DUT: 10kg on the mast
5G TESTING
Typical Dynamic Range: 50db
S C A N
TO LEARN MORE
INTERNET OF THINGS HANDBOOK Infineon’s XENSIV Predictive Maintenance Evaluation Kit helps quickly evaluate sensorbased condition monitoring and predictive maintenance applications.
Sensor-based automation for smart buildings Preet Sibia, Power and Sensor Systems, Robert Junker • Infineon
Cloud-based intelligence can help serve as a nervous system for controllers handling multiple building domains. The core principle of building automation is the centralized control of a building’s domain, such as HVAC, shading, lighting, access control systems and more. Real-time monitoring of usage patterns and equipment is crucial for this centralized control. In the case of physical plant and equipment, sensor-based intelligence can help reduce equipment failures and extend lifetimes via predictive maintenance practices. Condition monitoring based on sensor data changes the building management paradigm from reactive to proactive. This is particularly true for heating, ventilation, as well as HVAC systems.
learning (ML) for predictive-maintenance-enabled HVAC systems. For developers, Infineon offers an evaluation kit dedicated to predictive maintenance. It includes magnetic, current sensors and hall sensors and switches, a barometric pressure sensor and a MEMS microphone. Edge processing is via an Arm Cortex MCU. An end-to-end secured Internet connection from the edge to cloud resources is enabled with a dedicated secure element. This secure element provides hardware security and authentication for zero-touch cloud provisioning and multiaccount registration. Predictive maintenance setups HVAC demonstration unit (below) should monitor the condition of and real-time sensor data for the most critical components inside condition monitoring.
The U.S. Energy Information Agency reports that HVAC accounts for about one-third of the energy used by commercial and industrial buildings. The effects of unscheduled HVAC downtime can range from annoying office conditions to life-threatening problems in health care facilities. Failing HVAC equipment may also degrade air quality, particularly important during the COVID-19 pandemic. Thus there are clear benefits to HVAC monitoring and analysis functions that trigger maintenance before problems arise. Two challenges arise when implementing a “smart” HVAC system. The first concerns building-in the sensors and edge processing resources to collect operating data. The second is in creating the data analysis necessary for automated, real-time decision making. To address both issues, Infineon partnered with IoT specialist Klika Tech and cloud provider AWS on an end-toend evaluation kit. The kit leverages cloud services and machine
46
DESIGN WORLD — EE NETWORK
Infineon LT — IOT HB 04-21.indd 46
4 • 2021
eeworldonline.com | designworldonline.com
4/7/21 12:28 PM
SMART BUILDING IoT An example of how the air flow rate in an HVAC drops over time due to a clogged filter.
the system. For HVAC systems these are airmoving fans, motors, compressors and air filters. The parameters of such components can be monitored by one or more sensing elements the board supports, including: • • • • • • •
Air flow measurement based on barometric pressure sensing Current measurement at the fan and compressor via magnetic current sensors Position sensing of the motor with 3D magnetic sensor Linear vibration and movement measurement using a linear Hall sensor Lid position detection with Hall sensors Speed and direction measurement using a double Hall sensor Sound anomaly detection with a MEMS microphone
A portable air conditioning system demonstrates typical predictive maintenance scenarios. The sensorequipped unit monitors current flow, the hot and cold fans, and the compressor. It produces a real-time view of component status and flags anomalies that might trigger inspection or maintenance. When air-flow through a filter, monitored using a barometric sensor, declines over time, replacement can be based on actual conditions rather than an assumed filter lifetime. The evaluation kit’s software handles data capture/logging and pre-processing, then sends data to the cloud. In turn, a Klika Tech integration connects the Amazon FreeRTOS enabled evaluation kit to a cloud-based platform for data collection and condition monitoring. Via AWS IoT Services for data analysis and predictive services, end-users can implement predictive maintenance and anomaly detection features for HVAC devices. Another role for cloud-based intelligence in building automation is as a nervous system for controllers handling multiple building domains. The HVAC control system is one such domain. Other examples are in-building transport such as elevators and escalators, as well as access control. Radar and time-of-flight (ToF) sensors are eeworldonline.com
|
designworldonline.com
often used in both transport and access control, detecting people and movement while protecting personal privacy. Electrical systems, including lighting and power, security and alarm systems, as well as the information and communication technology (ICT) infrastructure can all be automated. Presence detection systems based on radar, ToF and even MEMS microphones, can feed data into building management systems to control lighting, power and room temperature, as well as security and building access. Energy infrastructure, as well as plumbing and water heating systems, can be monitored via increasingly intelligent power supply and conditioning ICs. Sensor technologies also boost the capabilities of this digital nervous system. Measuring the flow of people helps manage and predict occupancy levels. The demand for such technologies has been exacerbated by the COVID-19 pandemic. Infineon launched a smart-entrance-counter evaluation kit employing a sensitive and low-power 60-GHz radar IC. Use of radar is more economical than alternatives such as ordinary cameras, which can Multi-domain control systems be costly and violate for predictive maintenance.
privacy, or passive infrared cameras which can be unreliable and are not concealable. Most importantly, radar technology keeps personal data 100% protected. The evolving architecture of smart buildings has been compared to the evolution of autonomous driving platforms. In this concept, predictive maintenance is on Tier 1, linking one domain to a building management system (BMS) platform. In-room sensors for presence detection add data used to trigger heating or cooling. Ultimately the domains will feed data to a comprehensive building operations platform and extend control over automated operations and management of multiple systems. McKinsey estimates global spending for all major systems and equipment used in buildings to be more than $1.5 trillion annually. It’s probably no surprise that global revenue for smart building technologies is on track to double in the first half of this decade. In short, smart buildings are smart business.
INFINEON, WWW.INFINEON.COM
Levels of smartification in Smart Building
4 • 2021
DESIGN WORLD — EE NETWORK
47
INTERNET OF THINGS HANDBOOK
From the lab to the real-world: DPA attacks in the wild State-of-the-art countermeasures help make IoT products bullet-proof to ever-improving power analysis attacks. There’s a growing focus on security among manufacturers of IoT products, driven in part by how high-profile attacks affect buyer behavior. When an attack or data breach makes headlines, regardless of its actual severity, consumer confidence erodes, and vendors face reputational damage. Manufacturers know that buyers understand the potential consequences of poorly designed smart locks or alarm systems. Establishing a reputation for trustworthiness is, therefore, top-of-mind for vendors. The weapon of choice for a wide range of attacks is differential power analysis (DPA). This technique uses statistical analysis on a device’s power consumption as a side-channel to extract keying material or other secrets. There are several ways attacks can utilize DPA, but all of them have one thing in common: They require incredibly complex equipment and algorithms. Nevertheless, sufficiently sophisticated criminal hackers can employ these attacks, so they are moving outside the lab and into the real world. More specifically, DPA requires that the attacker understand what kind of computer operations take place during security procedures such as DES (Data Encryption Standard) encoding. DPA attacks measure power levels at different parts of the chip and apply statistical analysis to overcome countermeasures, such as added noise, applied to obscure the power signature of individual bits. Measurements of power use
Measurement method Hardware-accelerated AES-128 (2nd gen IC, decoupling capacitor in place)
identify the computational operations the device executes. Analysis will reveal several of the cryptokey bits at a time. Repeating the process eventually produces the entire key. For example, the original paper that introduced DPA included the following discussion: The DES key schedule computation involves rotating 28-bit key registers. A conditional branch is commonly used to check the bit shifted to the end so that “1” bits can be wrapped around. The resulting power consumption for a “1” bit and a “0” bit will contain different features if the execution paths take different branches for each. Similarly, DES implementations perform a variety of bit permutations. Conditional branching in software or microcode can cause significant power consumption differences for “0” and “1” bits. And string or memory comparison operations typically perform a conditional branch when a mismatch is found. This conditional branching causes large power (and sometimes timing) signatures. In 2015, a project called ChipWhisperer was funded through a Kickstarter campaign. Its success put power analysis into the hands of white-hat hackers as well as hobbyists. Besides power analysis, ChipWhisperer focuses on voltage and clock glitching attacks, which briefly disrupt a device’s power or clock to cause unintended behavior (such as skipping a password check). ChipWhisperer includes opensource scope boards used to mount side channel attacks, firmware for both scopes and targets, and an open-source Python library for controlling the capture hardware and communicating with the target.
Traces for GSR > 0.8 >50000
Hardware-accelerated AES-128 (2nd gen IC, decoupling capacitor removed)
5000
Software AES-128 (2nd gen IC, decoupling capacitor removed
20
Shunt to digital Vcc (4th generation Chip, hardware DPA protection active)
GSR > 0.8 not achievable
Shunt to digital Vcc on 3rd generation Chip, SPA (3rd generation IC)
48
DESIGN WORLD — EE NETWORK
GSR > 0.8 not achievable
4 • 2021
Marius Munder • Silicon Labs
DPA tests at Silicon Labs involved the extraction of a 128-bit advanced encryption standard (AES) key and the impact of the correct choice of physical extraction method for the traces. Results show that a relatively small number of traces are required on legacy hardware, which may remain in service for years beyond the effectiveness of their security features. The same measurement was repeated on a fourth-generation wireless SoC with hardware DPA protection built into it, as well as on a third-generation IC with no DPA protection. In the latter case, the attack method was a simple power analysis (SPA) where data is extracted by monitoring a power trace with tiny fluctuations on the supply lines indicating “0s” and “1s.” In these two scenarios, the provided protection offered an effective defense.
eeworldonline.com | designworldonline.com
DIFFERENTIAL POWER ANALYSIS
The original paper introducing DFA, written by Paul Kocher, Joshua Jaffe, and Benjamin Jun, shows an SPA trace from a typical smart card as it performs a DES operation (top). The 16 DES rounds are clearly visible. A more detailed view of the same trace (below) shows the second and third rounds of a DES encryption operation in which many details of the DES operation become visible. For example, the 28-bit DES key registers C and D are rotated once in round two (left arrow) and twice in round three (right arrows).
The ChipWisperer tool (amongst others) drove IoT manufacturers to add countermeasures. Utilizing this open-source toolchain, Silicon Labs set out to prove that the hardware-based countermeasures in its new chipsets were indeed preventing the leakage of confidential data. The tests involved the extraction of a 128-bit advanced encryption standard (AES) key and the impact of the correct choice of physical extraction method for the traces. (Here, a trace refers to a set of power consumption measurements taken across a cryptographic operation. For example, a 1-msec operation sampled at 5 MHz yields a trace containing 5,000 points.) Importantly, the results show that it only takes a relatively small number of traces to learn the cryptokeys of legacy hardware, which may remain in service for years beyond the effectiveness of its security features. The same measurement was repeated using a fourth-generation wireless SoC with hardware DPA protection built in. Measurements were run as well on a third-generation IC with no DPA protection. Here the attack method was a simple power analysis (SPA) where data is simply extracted by monitoring a power trace and decoding tiny fluctuations on the supply lines into “0s” and “1s” of extracted data. In these two scenarios, the protection offered an effective defense.
PREVENTING INFORMATION LEAKAGE
The simplest way to protect information is to make physical extraction more complicated. eeworldonline.com | designworldonline.com
Encapsulating the hardware at the board level boosts the cost and complexity of attacks. But encapsulation may increase the cost of the device disproportionately. When moving from board to chip level, there are several relevant countermeasures: First, state-of-the-art CMOS technology nodes require significantly less power, greatly reducing the amount of information accessible through power analysis. Second, power analysis becomes much more difficult when using fast crypto engines with a high level of parallelization. The reason is the parallelization creates a significant amount of background noise. Then extraction of any keying material requires more traces and/ or more advanced attack methods to separate the signal from the noise. Finally, it’s possible to randomize the emissions from a chip in a way that makes it impossible to extract any data using power analysis. The key to devising software that thwarts power analysis attacks is to keep in mind the state of secret data should not lead to a specific power or timing pattern. This goal can be achieved if the execution path does not depend on secret values but instead only uses publicly known data for branch code execution. In situations where this branching is isn’t possible, all potential execution paths should require the same number of execution cycles. These relatively simple and inexpensive software-based countermeasures can help make SPA impossible. However, when it comes to DPA 4 • 2021
and more complex methods of power analysis, this strategy mostly just increases the number of traces needed to extract secret data because each operation in a modern processor has a distinct power fingerprint. It’s virtually impossible to make the power profile entirely data- and executionindependent using just software countermeasures. For any side-channel attack to succeed, the device-under-attack must use the secret an attacker is trying to extract in a way that is traceable. So, the most obvious and potentially most powerful countermeasure is to rate-limit the number of times a usable trace can be recorded. For example, assume an IoT device uses elliptic curve cryptography (ECC) to derive a communication key when it joins a new network. For a legitimate user, there is no “use case” involving attempts to join the same network repeatedly at a high rate. So it may be acceptable to restrict join attempts to just once per minute. All in all, DPA is available to a broad range of attackers, including hobbyists. It takes minimal time and effort to extract keying data from a legacy wireless SoC. The addition of state-of-the-art countermeasures will help make products more resilient to ever-improving power analysis attacks for many years.
The original DPA paper: Differential Power Analysis, by Paul Kocher, Joshua Jaffe, and Benjamin Jun, https://www.rambus.com/wpcontent/uploads/2015/08/DPA.pdf Silicon Labs, https://www.silabs.com/
DESIGN WORLD — EE NETWORK
49
INTERNET OF THINGS HANDBOOK
How manufacturers can protect IoT products from cyberattacks Cybersecurity has long been a critical focus for large enterprises. Now IoT device design engineers must take a page from the enterprise security playbook. IThough device manufacturers are heavily investing into the development of new solutions, these organizations often lack the security expertise and the technical resources to ensure that high levels of security are built into their products. Many of these connected devices employ new protocols, platforms and middleware solutions that have not been thoroughly vetted for security issues. The result, not surprisingly, is a slew of devices that are easily compromised by hackers. A host of new IoT cybersecurity standards and legislation have been proposed or enacted in recent years that require OEMs to build security into their devices. Standards from NIST, IETF, and GSMA, provide the foundation for many of these regulations and other related standards, resulting in similar security fundamentals across industries, so it is not surprising to find common requirements across these IoT standards: • • • • •
50
Secure boot using a hardware root of trust Secure software update capability Ensure each device has a strong unique ID Monitor network activity for unauthorized use Disable all unnecessary ports and services
DESIGN WORLD — EE NETWORK
By Alan Grau, Sectigo• VP of IoT
As an engineer working on Type of embedded device vulnerability Countermeasure a IoT device, what do these Implementation vulnerability Secure software development practices, guidelines mean for you? security testing, code scanning tools The use of multiple layers of Deployment vulnerability Security deployment practices, better protection, including firewalls, documentation and user training authentication, security Design vulnerability Security design practices, inclusion of protocols and intrusion security countermeasures in product design detection/intrusion prevention, occur when coding errors result in a weakness is a long-established driving that can be exploited during a cyberattack. principle for enterprise security. The infamous, and seemingly immortal, buffer In contrast, most IoT devices, especially overflow attacks are the classic example sensors and low-cost devices, lack basic of implementation vulnerabilities. Other firewalls or security protocols, and often rely on little more than simple password authentication. examples include improperly seeding random number generators, which can result in the For decades, device manufacturers generation of security keys that are easy to assumed these devices were not attractive guess. Adherence to software development targets to hackers or vulnerable to attacks. processes such as the OWASP Secure That is no longer true. Many attacks are Software Development Lifecycle or Microsoft’s automated with hacking bots scanning Security Development Lifecycle, and thorough ranges of IP addresses looking for vulnerable security testing processes, help to address targets. Furthermore, these edge devices, if implementation vulnerabilities. compromised, can become an entry point into Deployment vulnerabilities relate to issues larger systems and networks. Attacks against all that are introduced by the user during the types of embedded devices are on the rise and operation or installation of the device. These greater security measures are now needed. For over 25 years, cybersecurity has been a would include issues such as not changing default passwords, using weak passwords, not enabling critical focus for large enterprises. Now device security features, etc. While this is, at least on the design engineers need to take a page from the surface, a user issue, a security-oriented design enterprise security playbook. that eliminates the passwords and user controls VULNERABILITIES IN EMBEDDED DEVICES that allow weak security options can help prevent Before diving into the problem of how to deployment vulnerabilities. secure embedded and IoT devices, it is Design vulnerabilities, the focus of this important to consider the origin of security article, are weaknesses that result from a failure vulnerabilities. Broadly speaking, to include proper security measures when most vulnerabilities in embedded developing the device. Examples of design devices can be divided into one of vulnerabilities that have resulted in security three categories: implementation breaches include use of hard-coded passwords, vulnerabilities, deployment or control interfaces with no user authentication, use vulnerabilities, and design and use of communication protocols that send vulnerabilities. passwords and other sensitive information in Implementation vulnerabilities the clear. Other less-glaring examples include 4 • 2021
eeworldonline.com | designworldonline.com
INDUSTRIAL SECURITY devices without secure boot or that allow unauthenticated remote firmware updates. IoT devices comprise of a wildly diverse range of device types — from small to large, from simple to complex. Many of these are embedded devices and are quite different from standard PCs or other consumer devices. They are fixed-function devices specifically designed to perform a specialized task that uses a specialized operating system such as VxWorks, FreeRTOS or INTEGRITY, or a stripped-down version of Linux. Installing new software on the system in the field either requires a specialized upgrade process or is simply not possible. In most cases, these devices are optimized to minimize processing cycles and memory usage and do not have the extra processing resources required to support traditional security mechanisms. As a result, standard PC security solutions will not solve the challenges of embedded device security. In fact, given the specialized nature of embedded systems, Windows-based PC security solutions will not even run on most embedded devices.
5.
6.
7.
upgraded. Once they are deployed, they will only run the software that was originally installed at the factory including any vulnerabilities. Long lifecycle: The life cycle for embedded devices may be as long as 10, 15 or even 20 years. Building a device that will stand up to the ever evolving and increasing security requirements of the next two decades is a tremendous challenge. Deployed outside of the enterprise security perimeter: Many IoT devices may be deployed in the home, a remote location, or other environments lacking the protections found in a corporate environment. Device health: There is typically no way for the end user to easily monitor the device’s security health or to make changes.
The level of security required for a IoT device varies depending upon the function of the device. Rather than asking if the device is secure, the OEMs should be asking if the device is secure enough. We are no longer talking about protecting a device from just malformed IP packets or DoS So, What Are the Challenges for IoT security? packet floods. Hackers know how to research their targets. They often 1. Critical functionality: IoT devices often control critical have detailed operating information on the device they are targeting and systems and manage sensitive data. Factory control systems, have sophisticated toolkits and skills that can be used to develop finetransportation systems, the electric grid and medical systema tuned attacks. are all controlled by IoT and embedded devices. Have you considered how to protect your connected devices from 2. Replication: Once designed and built, IoT devices are mass attack from a group with detailed knowledge of the inner workings of produced resulting in thousands to millions of identical devices. your product? Hacking is not just the domain of bored teenagers, hacking Once a vulnerability is discovered, a successful attack against drones, or even the small groups of motivated hackers. When the stakes one of these devices can be replicated across all the devices. are high enough, cyberattacks are multi-phased, multi-year efforts carried 3. Security assumptions: Many IoT device engineers have long out by large, well-funded teams of hackers. assumed that their products are not targets for hackers and have A security solution for IoT devices must protect firmware from not considered security a critical priority. tampering, secure the data stored by the device, secure communication, and 4. Not easily patched: Most embedded devices are not easily protect the device from cyber-attacks. This can only be achieved by building in security from the earliest stages of design. Unfortunately, there is no one one-size-fits-all security Security feature Implementation in embedded devices solution for connected devices. Engineers must take into Secure boot Achieved using cryptographically signed code from the manufacturer consideration the cost of a security failure (economic, along with hardware support to verify code is authenticated. This environmental, social, etc.), the risk of attack, available attack ensures that the firmware has not been tampered with. vectors, and the cost of implementing a security solution. Secure code updates Secure code updates ensure that the code on the device can be updated for bug fixes, security patches, etc. Use of signed code Many features that need to be considered are ensures that malicious code cannot be introduced. concern the challenges with a diverse supply chain. The Data security Prevent unauthorized access to the device and it’s data by using recent SolarWinds hack, while not an IoT attack, shows encrypted data storage and/or encrypted communication. that securing the supply chain is a critical requirement. In Authentication Communication should be authenticated certificate-based addition to ensuring proper security measures are built into authentication on an authentication protocol such as Kerberos. the device, the OEM must impose secure development Secure communication Communication to and from the device needs to be secured using processes and monitoring of suppliers to prevent the encryption (SSH, SSL, etc.) introduction of vulnerabilities in firmware components. Protection against cyber attacks Embedded firewalls provide a critical layer of protection against Today’s modern IoT devices are complex connected hackers and common cyber-attacks. computing devices that perform critical functions. Intrusion detection & security monitoring Many existing IoT devices can be repeatedly attacked without Including the latest security protocols and technologies detection. For example, a hacker can execute millions of invalid login in these devices is an essential design task. Security attempts without the attack being reported. features must be considered at the very beginning of the Embedded security management Integration with a security management system allows security policies design process to ensure the device is protected from the to be updated to mitigate against known threats. numerous advanced cyber threats they will likely face. Physical device tampering detection
New processor/board designs include device tamper detection capabilities, enabling detection when the seal on the device enclosure is broken; indicating that someone attempted to tamper with the device.
eeworldonline.com | designworldonline.com
4 • 2021
Sectigo, sectigo.com DESIGN WORLD — EE NETWORK
51
AD INDEX INTERNET OF TH INGS HANDBOOK • APRIL 2021
AVX.......................................................................... 39
Newark, An Avnet Company................................... 29
Coilcraft................................................................... 31
RECOM Power GmbH............................................. 19
CUI Inc.....................................................................BC
Sequans Communications....................................... 13
Digi-Key.......................................................Cover, IFC
Sorbothane.............................................................. 41
Electrocube, Inc....................................................... 45
STMicroelectronics.................................................. 33
Infineon Technologies Americas Corp....................... 1
Tadiran Batteries........................................................ 3
Ironwood Electronics............................................... 10
TestEquity LLC........................................................IBC
SALES
LEADERSHIP TEAM Mike Francesconi mfrancesconi@wtwhmedia.com 630.488.9029
Jami Brownlee jbrownlee@wtwhmedia.com 224.760.1055
Neel Gleason ngleason@wtwhmedia.com 312.882.9867 @wtwh_ngleason
Mike Caruso mcaruso@wtwhmedia.com 469.855.7344 Bill Crowley bcrowley@wtwhmedia.com 610.420.2433
Courtney Nagle cseel@wtwhmedia.com 440.523.1685
Jim Dempsey jdempsey@wtwhmedia.com
Publisher Mike Emich memich@wtwhmedia.com 508.446.1823 @wtwh_memich Managing Director Scott McCafferty smccafferty@wtwhmedia.com 310.279.3844 @SMMcCafferty EVP
216.387.1916
Jim Powers jpowers@wtwhmedia.com
Michael Ference
312.925.7793 @jpowers_media
Marshall Matheson mmatheson@wtwhmedia.com 805.895.3609 @mmatheson
mference@wtwhmedia.com 408.769.1188
OR
LD
@mrference
N
W
IG @DES 52
DESIGN WORLD — EE NETWORK
4 • 2021
eeworldonline.com | designworldonline.com
THE MOST
Testing Solutions
Same day shipping │ Largest in stock inventory │ Technical expertise
TestEquity Chambers
TestEquity is the largest, most comprehensive provider of test solutions in the U.S. proudly supporting the aerospace, defense, automotive, electronics, education, and medical industries.
Built By Engineers For Engineers Precisely accurate Reliable Unparalleled warranty
Which Famous Engineer Are You? Ever wonder if you have the personality of a famous #UltimateEngineer?
Take the quiz
OUR BRANDS
The most testing solutions
Everything for electronic production
Tool kits you’re proud to own
www.testequity.com
www.techni-tool.com
www.jensentools.com
POWER WHEN YOU NEED IT
External Adapters
Ac-Dc Embedded
Dc-Dc Embedded
Our focus is on creating ease of access to power supply products and information that help drive an engineer’s design. With over 5,000 products in our portfolio our goal is to improve the way power products are purchased today and into the future.